Data Breach Investigations: Ethical Considerations for In-House Counsel when Investigating a Security Incident
Program Number: 2508
Presenter: Jennifer Kies Mammen, Esq., Jena M. Valdetero, Esq, David A. Zetoony, Esq.
Data security breaches are now unavoidable. The question is whether in-house counsel are prepared to deal with a breach when it occurs. In addition to the legal and practical questions that arise from a data breach, in-house counsel must often navigate several ethical dilemmas. David Zetoony, Jena M. Valdetero and Jennifer Mammen discuss ethical issues that typically arise when investigating a security incident. These include coordinating an incident response, interactions with employees that may be responsible for causing a security incident, and managing external resources such as forensic investigators and outside counsel. The program focuses on issues of confidentiality and conflicts. Specific ethical rules, cases, opinions to be discussed include: ABA Model Rules (e.g., Confidentiality of Information (1.6), Conflict of Interest (1.7), Organization as client (1.13), Duties to prospective client (1.18), Advisor (2.1), Lawyer as witness (3.7), Truthfulness in statements to others (4.1)); Upjohn; and various state bar ethics opinions.